On 8/22/07, Chuck Swiger <[EMAIL PROTECTED]> wrote: > On Aug 21, 2007, at 2:02 PM, Richard Foulkes wrote: > > Ok, so how are you supposed to control membership of the wheel > > group via ldap? Ok, you COULD remove the local wheel entry in /etc/ > > group, but this would probably be a bad idea if the ldap server > > were unavailable. > > You've aptly summarized my thoughts on the matter-- I would not rely > on LDAP to provide information about root or the wheel group.
That is exactly the gist of my question. Of course I know that a group oneliner is the way to go. However, I saw people suggest splitting groups into multiple lines, if the lines are too long or too many groups per line (something to do with the /etc/group parser, I guess). Anyway, I want the LDAP groups to *augment* system groups. Removing wheel from /etc/group and relying on a complex network service .... not funny. Besides, it *does* work for file permissions etc. so some basic system calls *do* get this right. Uli _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
